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DETAILED ACTION 



Response to Arguments 

Applicant's arguments with respect to claims 1-21 have been considered 
but are moot in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 1 02 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 1-3, 6, 8-10, 12, 15-16, 19, 25 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Belani (6772350) in view of Chang (20030229623). 



Regarding Claims 1 and 8-9, 

Belani teaches a server (Figure 1, 20) comprising: 

first means for categorizing permission setting values indicating whether 
object information items of various attribute of a registered user are disclosable 
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to other persons or not depending on a level of the disclosability; ("Fig. 3 depicts 
an exemplary access list information 50 for a resource.. .For each operation, a user or 
group may be granted "positive" permission or "negative" permission." Column 7, lines 
5-14). The Examiner interprets the Access Control list as categorizing permissions of 
users. The Applicant defines "whether an item of an object information of each user is 
disclosable to an outsider" as "a permission" (Paragraph [0070] of Applicant's 
Specification) 

and second means for managing the permission setting values 
hierarchically. 3 

(Figure 6. shows the permissions arranged hierarchically by resource and Figure 7 
shows permissions arrange hierarchically by user) where the second means further 
imparting vertical relations thereto in accordance with types of the attribute 
information items and systematically categorizing the attribute information items. 
The Examiner interprets "vertical relations" as hierarchical relations. 

Belani does not explicitly teach wherein said second means checks, when 
there is a request from the user to change the permission setting value for any 
permission level other than the highest-level operation for any of the object 
information items, consistency of the permission setting value for each level 
higher than the level for which the change request has been made with the 
permission setting value for which the change request has been made, 

said second means corrects, when there is a contradiction in said 

consistency the permission setting value for each level higher than the level for 
which the request to change the setting value has been made 
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Chang (20030229623) teaches when there is a request from the user to 
change the permission setting value for any permission level other than the 
highest-level operation for any of the object information items, consistency of the 
permission setting value for each level higher than the level for which the change 
request has been made with the permission setting value for which the change 
request has been made, said second means corrects, when there is a 
contradiction in said consistency the permission setting value for each level 
higher than the level for which the request to change the setting value has been 
made ("In FIG. 8b, "reverse" or "upward" inheritance is illustrated, such as employed for 
the JMS Topic hierarchy, wherein a subscriber at a certain level receives subscriber 
abilities at all "higher" levels in the tree (e.g. for all ancestor or parent levels" Paragraph 
[0116]) ("a user who is given the "subscriber" role for the "yachting" topic can read 
articles form the yachting topic, as well as read articles from the "water" topic and the 
more general "sports" topic. But, that user cannot read articles in "windsurfing", because 
that topic is not an ancestor of the "yachting" topic in the topic tree hierarchy (e.g. it is a 
sibling") Paragraph [0113]) Paragraph [0113] describes "correcting" the permission 
setting value so that there is a consistency of the permission setting value (ability to 
read) for each level higher. 

It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify Belani with a reverse upward inheritance model as taught 
by Chang. 
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The motivation is "reverse inheritance role assignment methods simplifies 
the role assignment problem because it only needs to make role assignment at 
exactly one place" (Paragraph [01 14]) 



Regarding Claims 2 and 3, 

Belani and Chang teach a server according to claim 1 . Belani also teaches 
"the operation which can be performed on a resource may include read, write, 
publish, subscribe, edit, delete, update, etc." (Column 7, lines 3-5). The 
Examiner interprets "subscribe" as open. Belani further teaches a hierarchy 
based on resources as shown in Figure 6. Belani further teaches detection 
means for detecting contradiction in a specified one of the permission setting 
values based on vertical relations (which the Examiner interprets as hierarchical 
relations) among the permission levels. ("If the permissions are not resolved for all 
the requested operations, the access controller attempts to resolve permissions for the 
unresolved operations by tracing up the user hierarchy information for the user to 
determine if permissions have been asserted for the user's ancestors in the access list 
information of the particular resource" Column 3, lines 8-13). The Examiner interprets 
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that resolving requested operations inherently requires detection means for 
detecting contradictions in hierarchical relations. 

However Belani does not explicitly teach wherein said first means 
categorizes said permission setting values into exactly three respective levels, 
where executability of open operation is set as a permission level higher than 
said executability of read operation, and executability of read operation is set as 
a permission level higher than said executability of write operation. 

It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify the server of Belani and Chang to have exactly three 
respective levels, where the open operation is a permission level higher than the 
read operation and the read operation is set a permission level higher than the 
write operation. 

All the claimed elements were known in the prior art Belani (Belani 
teaches "the operation which can be performed on a resource may include read, 
write, publish, subscribe, edit, delete, update, etc." (Column 7, lines 3-5), and 
one skilled in the art could have combined the elements as claimed by known 
methods (arranging in a hierarchy also described by Belani) with no change in 
their respective functions, and the combination would have yielded predictable 
results to one of ordinary skill in the art at the time of the invention (A hierarchy 
of permissions, where open is hiehrthan read and read is higher than write). 
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Regarding Claim 6, 

Belani and Chang teach a server according to claim 4, wherein said 
second means manages said object information items by imparting vertical 
relations thereto in accordance with types of the object information items and 
systematically categorizing the object information items. (Figures 6 and 7 show 
hierarchical relations in accordance to types of object information items and 
systematically categorizing object information items) 

The Examiner interprets "vertical relations" as hierarchical relations. 

Regarding Claim 8, 

Belani teaches a server according to claim 7, wherein, said detection 
means corrects, when there is contradiction in said consistency, the permission 
setting value belonging to any of the object information items higher in rank than 
the object information item to which the setting value that has received said 
change request belongs, ("if any of the second level ancestors have been granted 
specific positive or negative permissions for one or more unresolved operations, the 
permissions for those operations are inherited by user U1, and those operations are 
considered resolved." (Column 12, lines 21-26)) The Examiner interprets the 
contradiction in consistency as the difference between the inherited permission 
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values and the specific granted permissions. The Examiner further interprets the 
operations being resolved as the detection means correcting the inconsistency. 



Regarding Claims 10-11, 

Belani teaches a server comprising: an interface for receiving transmitted 
information (Figure 2, User Interface Input Devices, 44); storage means (Figure 2, 
File Storage Subsystem, 36); and means for reading information stored in the 
storage means therefrom (Figure 2, Memory Subsystem, 34), wherein said storage 
means has an entry table ("Fig. 3 depicts an exemplary access list information 50 for 
a resource "R" organized in a table format" Column 7, lines 5-6) for storing object 
information items corresponding to various attribute of a registered user and 
permission setting values ("Access list information identifies the resource R in the 
first column. The second column identifies the users or groups which are allowed to 
perform operations on resource "R". The third column 56 identifies the various 
operations that may be peformed on resource "R" and permissions associated with the 
operations for various users." Column 7, lines 6-13) indicating whether said attribute 
information items are disclosable to other persons or not, said permission 
setting values being categorized in accordance with a level of the disclosability 
thereof. 
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wherein said permission setting values are categorized into a plurality of 
levels having vertical relations thereamong and said entry table stores the 
setting value given to any of the plurality of levels. 
(Figures 6 and 7 show hierarchical relations in accordance to types of object 
information items and systematically categorizing object information items) 

The Examiner interprets "vertical relations" as hierarchical relations. 

The Examiner interprets the Access Control list as categorizing permissions of 
users. The Applicant defines "whether an item of an object information of each user is 
disclosable to an outsider" as "a permission" (Paragraph [0070] of Applicant's 
Specification) 

means for extracting a request to change any of the permission setting 
values from received information; ("The access controller is configured to receive a 
request from a particular user requesting performance of one or more operations on a 
particular resource. " Column 2, lines 64-66) 

Belani does not explicitly teach 

judging means forjudging whether or not the permission setting value for 
which said change request has been made is contradictory to any of the 
permission setting values higher in rank than the setting value by referencing 
said entry table. 

Correcting, when there is contradicton, the permission setting value 
belonging to the level higher than said determined level, 
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Wherein said object information items are managed by imparting vertical 
relations thereto in accordance with types of the object information items and 
categorizing the object information items. 

Chang (20030229623) teaches when there is a request from the user to 
change the permission setting value for any permission level other than the 
highest-level operation for any of the object information items, consistency of the 
permission setting value for each level higher than the level for which the change 
request has been made with the permission setting value for which the change 
request has been made, said second means corrects, when there is a 
contradiction in said consistency the permission setting value for each level 
higher than the level for which the request to change the setting value has been 
made ("In FIG. 8b, "reverse" or "upward" inheritance is illustrated, such as employed for 
the JMS Topic hierarchy, wherein a subscriber at a certain level receives subscriber 
abilities at all "higher" levels in the tree (e.g. for all ancestor or parent levels" Paragraph 
[0116]) ("a user who is given the "subscriber" role for the "yachting" topic can read 
articles form the yachting topic, as well as read articles from the "water" topic and the 
more general "sports" topic. But, that user cannot read articles in "windsurfing", because 
that topic is not an ancestor of the "yachting" topic in the topic tree hierarchy (e.g. it is a 
sibling") Paragraph [0113]) Paragraph [0113] describes "correcting" the permission 
setting value so that there is a consistency of the permission setting value (ability to 
read) for each level higher. 
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It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify Belani with a reverse upward inheritance model as taught 
by Chang. 

The motivation is "reverse inheritance role assignment methods simplifies 
the role assignment problem because it only needs to make role assignment at 
exactly one place" (Paragraph [01 14]) 

Regarding Claim 12, 

Belani and Chang teach a server according to claim 1 1 . Belani also 
teaches "the operation which can be performed on a resource may include read, 
write, publish, subscribe, edit, delete, update, etc." (Column 7, lines 3-5). The 
Examiner interprets "subscribe" as open. 

However Belani does not explicitly teach wherein said first means 
categorizes said permission setting values into exactly three respective levels, 
where executability of open operation is set as a permission level higher than 
said executability of read operation, and executability of read operation is set as 
a permission level higher than said executability of write operation. 

It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify the server of Belani and Chang to have exactly three 
respective levels, where the open operation is a permission level higher than the 
read operation and the read operation is set a permission level higher than the 
write operation. 
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All the claimed elements were known in the prior art Belani (Belani 
teaches "the operation which can be performed on a resource may include read, 
write, publish, subscribe, edit, delete, update, etc." (Column 7, lines 3-5), and 
one skilled in the art could have combined the elements as claimed by known 
methods (arranging in a hierarchy also described by Belani) with no change in 
their respective functions, and the combination would have yielded predictable 
results to one of ordinary skill in the art at the time of the invention (A hierarchy 
of permissions, where open is hiehr than read and read is higher than write). 



Regarding Claim 15, 

Belani and Chang teach a server according to claim 11, further comprising: an 
external storage device storing therein copy data of said entry table, ("access list 
information associated with the various resources may be stored in storage subsystem 
32... File storage subsystem... may include... a floppy disk drive along with associated 
removable media, a... (CD-ROM)" Column 6, lines 7-9, 18-24) 

Regarding Claims 16, 19 

Belani teaches a method for controlling a server, comprising the step of: 
categorizing permission setting values indicating whether object 
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information items corresponding to various attribute of a registered user are 
disclosable to other persons or not into a plurality of levels; ("Fig. 3 depicts an 
exemplary access list information 50 for a resource.. .For each operation, a user or 
group may be granted "positive" permission or "negative" permission." Column 7, lines 
5-14). The Examiner interprets the Access Control list as categorizing permissions of 
users. The Applicant defines "whether an item of an object information of each user is 
disclosable to an outsider" as "a permission" (Paragraph [0070] of Applicant's 
Specification) 

and hierarchically managing said object information items by imparting 
thereto vertical relations depending on a level of the disclosability. (Figure 6. 
shows the permissions arranged hierarchically by resource and Figure 7 shows 
permissions arrange hierarchically by user) 

and notifying, when there is contradiction, the user that the setting change 
request has been refused. (Figure 8, Indicate that one or more operations in "O" 
could not be resolved for user "Wand resource "R", 94) 

Belani does not explicitly teach receiving, from said registered user, a 
request to change the permission setting value for one of the object information 
items, 

judging means forjudging whether or not the permission setting value for 
which said change request has been made is contradictory to any of the 
permission setting values higher in rank than the setting value by referencing 
said entry table. 
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Correcting, when there is contradicton, the permission setting value 

belonging to the level higher than said determined level, 

Wherein said object information items are managed by imparting vertical 

relations thereto in accordance with types of the object information items and 

categorizing the object information items. 

Chang (20030229623) teaches when there is a request from the user to 
change the permission setting value for any permission level other than the 
highest-level operation for any of the object information items, consistency of the 
permission setting value for each level higher than the level for which the change 
request has been made with the permission setting value for which the change 
request has been made, said second means corrects, when there is a 
contradiction in said consistency the permission setting value for each level 
higher than the level for which the request to change the setting value has been 
made ("In FIG. 8b, "reverse" or "upward" inheritance is illustrated, such as employed for 
the JMS Topic hierarchy, wherein a subscriber at a certain level receives subscriber 
abilities at all "higher" levels in the tree (e.g. for all ancestor or parent levels" Paragraph 
[0116]) ("a user who is given the "subscriber" role for the "yachting" topic can read 
articles form the yachting topic, as well as read articles from the "water" topic and the 
more general "sports" topic. But, that user cannot read articles in "windsurfing", because 
that topic is not an ancestor of the "yachting" topic in the topic tree hierarchy (e.g. it is a 
sibling") Paragraph [0113]) Paragraph [0113] describes "correcting" the permission 
setting value so that there is a consistency of the permission setting value (ability to 
read) for each level higher. 
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It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify Belani with a reverse upward inheritance model as taught 
by Chang. 

The motivation is "reverse inheritance role assignment methods simplifies 
the role assignment problem because it only needs to make role assignment at 
exactly one place" (Paragraph [01 14]) 

Regarding Claim 25, 

Belani and Chang teach a server according to claiml , wherein said object 
information items include identification information of a user terminal and 
communication capability information of said user terminal; ("Access list information 
is typically associated with each resource in a domain and identifies users who are 
allowed to access the resource" Column 6, lines 63-65) 

Wherein when there is a request form the user to change the permission 
setting value of said communication capability information from a not permitted 
state to a permitted state, said second means sets the permission setting value 
of said identification to a permitted state, and when the permission setting value 
of said identification information is changed from a permitted state to a not 
permitted state, ("the operation which can be performed on a resource may include 
read, write, publish, subscribe, edit, delete, update, etc." Column 7, lines 3-5). 
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The Examiner interprets "communication capability" as the ability to "read, 
write, publish" etc. When resources are granted based on access list information, 
the permission is changed accordingly regarding the identification of the user. 



Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection 
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. 
See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Harris C. Wang whose telephone number is 
5712701462. The examiner can normally be reached on M-F 8-5:30, Alternate 
Fridays Off. 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, AYAZ R. SHEIKH can be reached on (571)272-3795. 
The fax phone number for the organization where this application or proceeding 
is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 



/Harris C Wang/ 
Examiner, Art Unit 2139 

/Kristine Kincaid/ 

Supervisory Patent Examiner, Art Unit 2139 



